SIP.edu : OpenSER in an academic environment OpenSER SUMMIT - VON – Berlin 2006.

Slides:

Advertisements

Similar presentations

SIP, Presence and Instant Messaging

Advertisements

Fall IM 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.

IM May 24, 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.

29 September 2003 Internet2 VoIP and PIC in a Nutshell Ben Teitelbaum.

Building Applications Using SIP Scott Hoffpauir Vice President, Engineering Fall 1999 VON, Atlanta.

Voice over IP Fundamentals

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Agenda Introduction Requirements Architecture Issues Implementation Q/A Kundan Singh and Henning Schulzrinne, Columbia University.

Skype Connected to a SIP PBX

Building Applications Using SIP Scott Hoffpauir Vice President, Engineering Fall 1999 VON, Atlanta.

 3G is the third generation of tele standards and technology for mobile networking, superseding 2.5G. It is based on the International Telecommunication.

Preventing Spam For SIP-based Sessions and Instant Messages Kumar Srivastava Henning Schulzrinne June 10, 2004.

IRT Lab IP Telephony Columbia 1 Henning Schulzrinne Wenyu Jiang Sankaran Narayanan Xiaotao Wu Columbia University Department of Computer Science.

E*phone sipc Software SIP user agents Hardware Internet (SIP) phones SIP proxy, redirect server SQL database sipd SIPH.323 converter NetMeeting siph323.

Agenda Introduction to 3GPP Introduction to SIP IP Multimedia Subsystem Service Routing in IMS Implementation Conclusions.

Secure Telephony Enabled Middle-box (STEM) Maggie Nguyen Dr. Mark Stamp SJSU - CS 265 Spring 2003 STEM is proposed as a solution to network vulnerabilities,

Information Storage and Retrieval CS French Chapter 3.

SIP-based Application Development SIP International 2004.

MNO Cloud Use Case 2 Source: Rogers Wireless Contact: Ed O’Leary George Babut 3GPP/SA3-LI#43Tdoc SA3LI11_115.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Web-based Portal for Discovery, Retrieval and Visualization of Earth Science Datasets in Grid Environment Zhenping (Jane) Liu.

AMHS (ATS Message Handling System)

Presence Applications in the Real World Patrick Ferriter VP of Product Marketing.

Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.

Architecture SIP proxy, redirect server SQL database sipd Proxy, Redirect, Registration server. Authentication Programmable (SIP- CGI) OpenSource SQL database:

Architecture Proxy, Redirect, Registration server. Authentication Programmable (SIP- CGI) OpenSource SQL database: MySQL User information:

Ingate & Dialogic Technical Presentation SIP Trunking Focused.

Andmeside IRT 0030 loeng nov Avo Ots telekommunikatsiooni õppetool raadio- ja sidetehnika instituut

SIP.edu Speaker: Changyu Wu Adviser: Quincy Wu Date:2006/12/18.

ITNW 1380 COOPERATIVE EDUCATION – NETWORKING Spring 2010 Seminar # 4 VOIP Network Solutions.

 Introduction  VoIP  P2P Systems  Skype  SIP  Skype - SIP Similarities and Differences  Conclusion.

1 NGN Issues - Numbering and Addressing Peter Darling ACIF NGN FOG No. 3.

1 Integrating 3G and WLAN Services in NTP SIP-based VoIP Platform Dr. Quincy Wu National Telecommunications Program Office

Microsoft Active Directory(AD) A presentation by Robert, Jasmine, Val and Scott IMT546 December 11, 2004.

Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.

Integrating VoiceXML with SIP services

Session Initiation Protocol (SIP). What is SIP? An application-layer protocol A control (signaling) protocol.

Module 11: Remote Access Fundamentals

1 TAC2000/ LABORATORY 117 SIP Peering in APAN Quincy Wu July 5, 2004.

Np133 Dennis Baron, September 19, 2005 Page 1 SIP.edu Working Group Meeting Internet2 Fall Member Meeting Dennis Baron September 19, 2005.

1 SIP deployment in LEARN Nimal Ratnayake Technical Manager, Lanka Educational and Research Network (LEARN) Senior Lecturer, Department of Electrical &

Appendix A UM in Microsoft® Exchange Server 2010.

Kerberos Named after a mythological three-headed dog that guards the underworld of Hades, Kerberos is a network authentication protocol that was designed.

A Conference Gateway Supporting Interoperability Between SIP and H.323 Jiann-Min Ho (Presenter) Jia-Cheng Hu Information Networking Institute Peter Steenkiste.

Presented By Team Netgeeks SIP Session Initiation Protocol.

4BP1 Electronic & Computer Engineering Paul Gildea th Year Interim Project Presentation.

148 Sidevõrgud IRT 0020 loeng nov Avo Ots telekommunikatsiooni õppetool, TTÜ raadio- ja sidetehnika inst.

Countermeasures of Spam over Internet Telephony in SIP.edu Campuses with MySQL and LDAP Support Speaker: Chang-Yu Wu Adviser: Dr. Quincy Wu School: National.

An analysis of Skype protocol Presented by: Abdul Haleem.

Security, NATs and Firewalls Ingate Systems. Basics of SIP Security.

March 31, 2003 Dennis Baron MIT SIP Presentation.

Sumanth Nag Popuri.  Why do we need SIP ?  The protocol  Instant Messaging using SIP  Internet Telephony with SIP  Additional applications  Future.

CS 3830 Day 9 Introduction 1-1. Announcements r Quiz #2 this Friday r Demo prog1 and prog2 together starting this Wednesday 2: Application Layer 2.

Packetizer ® Copyright © 2010 Into the Cloud Future Direction of Video Conferencing 1 Simon Horne H323.net 11 February 2010.

Jabber Technical Overview Presenter: Ming-Wei Lin.

1 SIP deployment in LEARN Nimal Ratnayake Technical Manager, Lanka Educational and Research Network (LEARN) Senior Lecturer, Department of Electrical &

1 SIP deployment in LEARN Nimal Ratnayake Technical Manager, Lanka Educational and Research Network (LEARN) Senior Lecturer, Department of Electrical &

SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.

 Problematic: Transfer of messages from one server to another. A user is never in direct contact with this server must use an client which.

SOSIMPLE: A Serverless, Standards- based, P2P SIP Communication System David A. Bryan and Bruce B. Lowekamp College of William and Mary Cullen Jennings.

HOW TO GUIDE: INEXPENSIVE INTERNET PROTOCOL TELEPHONY SOLUTION Created by: Cameron Adkisson Eastern Kentucky University

1Security for Service Providers – Dave Gladwin – Newport Networks – SIP ’04 – 22-Jan-04 Security for Service Providers Protecting Service Infrastructure.

THIS IS THE WAY ENUM Variants Jim McEachern

Architecture OpenSource SQL database: MySQL

Server Concepts Dr. Charles W. Kann.

Architecture rtspd SIP/RTSP Unified messaging RTSP media server sipum

Presentation transcript:

SIP.edu : OpenSER in an academic environment OpenSER SUMMIT - VON – Berlin 2006

Agenda Introduction  INRIA  The SIP.edu project SIP.edu at INRIA  Access control with RADIUS Expected limitations and problems Future improvements

INRIA French National Institute for Research in Computer Science and Control Fundamental and applied research in various fields  Networking  Multimedia  Software security  Modeling living structures and mechanisms 5000 people in 6 locations

The SIP.edu project Started in late 2003, from an Internet2 organization initiative Aims to connect academic institutions with SIP Two prerequisites  A user to phone number mapping mechanism SIP address ~= address  Integrate with an existing PBX to make non-SIP phones reachable Not necessarily IP enabled More than 250,000 people reachable  MIT, Harvard University, Yale,..

SIP.edu : target architecture

SIP.edu at INRIA DNS SRV records to our SIP proxy SIP proxy : OpenSER version Directory : OpenLDAP  Gathers the information for all INRIA members SIP PBX gateway : Asterisk + Cisco router  12 channels to the existing PBX PBX : TENOVIS

SIP.edu at INRIA : the picture

Available services URIs that map with regular E.164 extensions at INRIA  Accessible to anyone from the Internet URIs, to call external E.164 extensions  Restricted to INRIA’s members RADIUS based access control

Sample call flow to a numeric extension To initiate a call to PSTN extension , Alice types “ " into her SIP user agent (UA);  DNS SRV query  Sent to INRIA’s SIP proxy The proxy detects a numeric extension, and triggers the RADIUS authentication process The proxy re-writes the INVITE to INVITE which it sends to the Asterisk server; Asterisk rings extension through the PSTN gateway and PBX.

SIP and RADIUS : user password storage Two alternatives  Clear text format Insecure Regular authentication database cannot be used  Digest-HA1: MD5(username:realm:password) User password is kept opaque to the admin Stored information is still sensitive Regular authentication database cannot be used

The key role of OpenSER Call processing logic  Not that easy to handle but powerful Modular software architecture Many database/protocols connectors  RADIUS, SQL, Jabber,.. External scripting integration  In our SIP.edu architecture, the LDAP information retrieval process is a shell script launched by OpenSER

Expected limitations and problems NAT issues SPIT (SPam over IP Telephony)  Use inter-domain TLS? OpenSER already addresses those issues

Future improvements Enable RADIUS authorization by implementing group checking Integrate with our Jabber based IM - presence solution Already possible with OpenSER